Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228scanner Applications that are vulnerable to the...

Input validation

The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...

GrandNode 4.40 Path Traversal / File Download

Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...